Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XOfKkPyTC8Pg5HhnTkn57ZrSVm4.roa
File: XOfKkPyTC8Pg5HhnTkn57ZrSVm4.roa (raw, json)
Hash identifier: uXVAE9nWILf7Om1PysQ7z7syxCtdDu+REVudol6ULBE=
Subject key identifier: 5C:E7:CA:90:FC:93:0B:C3:E0:E4:78:67:4E:49:F9:ED:9A:D2:56:6E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869CA169F3ECDDF25A8808F9688AA7C484
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XOfKkPyTC8Pg5HhnTkn57ZrSVm4.roa
Signing time: Wed 01 Mar 2023 10:04:29 +0000
ROA not before: Wed 01 Mar 2023 10:04:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:9ca1:2f54/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:a1:69:f3:ec:dd:f2:5a:88:08:f9:68:8a:a7:c4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 10:04:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ce7ca90fc930bc3e0e478674e49f9ed9ad2566e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c2:7e:96:a6:60:af:81:a0:22:86:59:30:d0:
dd:18:34:c9:41:ce:be:51:57:66:0c:97:2e:fd:bb:
93:c0:d8:5a:68:6f:fb:ff:c5:c6:51:1f:5c:1f:91:
cf:75:51:4f:17:b9:e0:4e:1b:46:d6:e9:75:3a:8e:
12:6d:bb:9a:c2:d2:8b:91:03:93:2d:12:59:e1:8e:
ca:6d:cd:65:c0:9f:64:9d:b9:04:f1:c8:fe:a6:36:
b7:92:34:39:6a:98:eb:d8:4f:44:d1:40:cc:42:6d:
4f:8a:5f:bc:29:af:c4:23:05:2d:15:1a:3a:07:88:
63:a9:ec:4c:b8:65:19:f9:72:2b:d4:17:26:8d:5c:
fb:dc:e2:e0:43:0b:82:b8:53:0f:b5:80:d7:33:2c:
12:ce:f7:5d:19:7d:36:ee:be:38:94:06:da:70:c6:
48:e9:88:8b:9b:58:2c:ef:4c:dd:88:b0:a2:a8:9f:
88:55:29:e2:d9:17:99:a3:00:c6:30:b3:21:a5:88:
5a:48:52:43:ad:05:25:8f:1a:a7:d3:f8:f2:96:7e:
0e:f1:b0:24:34:36:a0:92:6c:6c:8f:10:6f:82:3e:
a9:87:46:22:e2:6d:bb:b5:7c:7d:e7:55:48:67:bb:
1a:13:8b:af:bd:5c:69:8a:a8:05:84:8a:ea:77:da:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E7:CA:90:FC:93:0B:C3:E0:E4:78:67:4E:49:F9:ED:9A:D2:56:6E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XOfKkPyTC8Pg5HhnTkn57ZrSVm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:91:33:6a:17:d1:17:92:81:cc:2f:e1:44:25:06:6e:fb:6b:
1c:30:bf:4c:08:61:65:30:0d:9d:69:50:58:3c:68:3d:38:3d:
98:61:16:46:5c:48:7f:14:7a:e5:c8:da:ea:a3:f4:b5:36:f5:
4d:a5:e3:0a:66:a7:d0:92:a2:da:fa:56:ee:20:f9:08:6d:f4:
30:81:12:08:9a:58:c7:06:f5:89:cf:e4:bb:e1:2d:71:2d:96:
c5:63:bc:98:61:09:4c:f1:62:86:97:4e:b2:fa:c4:da:95:b9:
ad:8f:f2:6c:56:2c:12:c8:51:e0:19:f3:0f:1a:71:f5:59:f0:
85:c2:39:55:f4:2e:e3:20:0b:ac:fc:23:b2:ca:65:73:ec:9f:
06:80:f9:57:34:6c:c1:40:d2:fd:b5:86:54:30:82:17:09:21:
41:c6:af:3a:e9:69:6e:8f:13:90:93:f4:34:a9:d5:4f:0b:e2:
84:93:a2:03:cc:ae:b0:5c:5a:2a:a5:e1:df:62:ee:dc:55:4d:
5d:87:61:84:ca:4f:82:53:6d:99:be:e9:22:92:1b:74:ed:2d:
1c:0a:28:b4:a8:fa:87:bf:5a:4a:95:7f:7f:ae:38:ce:de:5d:
df:03:d5:bb:65:3b:8e:53:76:6b:3b:39:a4:0f:55:81:bc:06:
ec:9c:0b:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYacoWnz7N3yWogI+WiKp8SEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMTAwNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U3Y2E5MGZjOTMwYmMzZTBlNDc4Njc0ZTQ5ZjllZDlhZDI1NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8J+lqZgr4GgIoZZMNDdGDTJQc6+
UVdmDJcu/buTwNhaaG/7/8XGUR9cH5HPdVFPF7ngThtG1ul1Oo4SbbuawtKLkQOT
LRJZ4Y7Kbc1lwJ9knbkE8cj+pja3kjQ5apjr2E9E0UDMQm1Pil+8Ka/EIwUtFRo6
B4hjqexMuGUZ+XIr1BcmjVz73OLgQwuCuFMPtYDXMywSzvddGX027r44lAbacMZI
6YiLm1gs70zdiLCiqJ+IVSni2ReZowDGMLMhpYhaSFJDrQUljxqn0/jyln4O8bAk
NDagkmxsjxBvgj6ph0Yi4m27tXx951VIZ7saE4uvvVxpiqgFhIrqd9q1MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFznypD8kwvD4OR4Z05J+e2a0lZuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWE9mS2tQeVRDOFBnNUhoblRrbjU3WnJTVm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH+RM2oX0ReSgcwv4UQl
Bm77axwwv0wIYWUwDZ1pUFg8aD04PZhhFkZcSH8UeuXI2uqj9LU29U2l4wpmp9CS
otr6Vu4g+Qht9DCBEgiaWMcG9YnP5LvhLXEtlsVjvJhhCUzxYoaXTrL6xNqVua2P
8mxWLBLIUeAZ8w8acfVZ8IXCOVX0LuMgC6z8I7LKZXPsnwaA+Vc0bMFA0v21hlQw
ghcJIUHGrzrpaW6PE5CT9DSp1U8L4oSTogPMrrBcWiql4d9i7txVTV2HYYTKT4JT
bZm+6SKSG3TtLRwKKLSo+oe/WkqVf3+uOM7eXd8D1btlO45Tdms7OaQPVYG8Buyc
Czs=
-----END CERTIFICATE-----
Generated at Fri May 2 00:51:37 2025 by rpki-client